| ID |
CVE-2024-41737
|
| Sažetak |
SAP CRM ABAP (Insights
Management) allows an authenticated attacker to enumerate HTTP endpoints in the
internal network by specially crafting HTTP requests. On successful
exploitation this can result in information disclosure. It has no impact on
integrity and availability of the application. |
| Reference |
|
| CVSS |
| Base: | 5.0 |
| Impact: | 1.4 |
| Exploitability: | 3.1 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| NETWORK |
LOW |
LOW |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| LOW |
NONE |
NONE |
|
| CVSS vektor |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N |
| Zadnje važnije ažuriranje |
12-09-2024 - 13:49 |
| Objavljeno |
13-08-2024 - 04:15 |
